ANSI X9.23 cipher block chaining

Edit online

ANSI X9.23 defines an enhancement to the basic cipher block chaining (CBC) mode of ANSI X3.106 so that the system can process data with a length that is not an exact multiple of eight bytes.

The ANSI X9.23 method always appends from 1 - 8 bytes to the plaintext before encipherment. The last appended byte is the count of the added bytes and is in the range of X'01' - X'08'. The standard defines that any other added bytes, or pad characters, be random.

When the coprocessor enciphers the plaintext, the resulting ciphertext is always 1 - 8 bytes longer than the plaintext. See Figure 1. This is true even if the length of the plaintext is a multiple of eight bytes. When the coprocessor deciphers the ciphertext, it uses the last byte of the deciphered data as the number of bytes to remove from the end (pad bytes, if any, and count byte). The result is the original plaintext. See Figure 2.

The output chaining vector can be used as feedback with this method in the same way as with the X3.106 method.

The ANSI X9.23 method requires the caller to supply an initialization vector, and it does not allow specification of a pad character.
Note: The ANSI X9.23 standard has been withdrawn, but the X9.23 padding method is retained in CCA for compatibility with applications that rely on this method.
Figure 1. Enciphering using the ANSI X9.23 method
Enciphering using the ANSI X9.23 method
Figure 2. Deciphering using the ANSI X9.23 method
Deciphering using the ANSI X9.23 method